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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- ff NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 07 March 2005 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-36 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 7-36 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) S The drawing(s) filed on 07 March 2005 is/are: a)D accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Drawings 

1 . The drawings are objected to because Figure 2 shows unlabeled rectangular boxes that 
require proper text labeling. Corrected drawing sheets in compliance with 37 CFR 1 . 121(d) are 
required in reply to the Office action to avoid abandonment of the application. Any amended 
replacement drawing sheet should include all of the figures appearing on the immediate prior 
version of the sheet, even if only one figure is being amended. The figure or figure number of an 
amended drawing should not be labeled as "amended." If a drawing figure is to be canceled, the 
appropriate figure must be removed from the replacement sheet, and where necessary, the 
remaining figures must be renumbered and appropriate changes made to the brief description of 
the several views of the drawings for consistency. Additional replacement sheets may be 
necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after 
the filing date of an application must be labeled in the top margin as either "Replacement Sheet" 
or "New Sheet" pursuant to 37 CFR 1 . 121(d). If the changes are not accepted by the examiner, 
the applicant will be notified and informed of any required corrective action in the next Office 
action. The objection to the drawings will not be held in abeyance. 

2. In addition to Replacement Sheets containing the corrected drawing figure(s), applicant is 
required to submit a marked-up copy of each Replacement Sheet including annotations 
indicating the changes made to the previous version. The marked-up copy must be clearly 
labeled as "Annotated Sheets" and must be presented in the amendment or remarks section that 
explains the change(s) to the drawings. See 37 CFR 1 .121(d)(1). Failure to timely submit the 
proposed drawing and marked-up copy will result in the abandonment of the application. 
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Response to Arguments 

3. Applicants arguments filed 3/7/05 have been fully considered but they are not 
persuasive. A discussion of each point is given below. 

4. The applicant states that "the effective date of the Belissent patent is after the date of the 
invention of the present invention by Applicants. Applicants can submit a Declaration of Prior 
Invention, but will not submit one at this time. (P. 14, line 19 - P. 15, line 2)." The Belissent 
patent as filed has an effective date of June 26, 2000, while the filing date of the instant 
application is July 26, 2001, with no reference of parent cases in either the specification or the 
declaration. No Declaration of Prior Invention (Affidavit 1.131) has been submitted along with 
required proof of conception, reduction to conceptual to actual practice, and due diligence in 
between. Examiner will remove Belissent as applied art if and only if proper evidence is 
provided, and not on a statement of intent to provide. 

5. The applicant states that "the Coley patent clearly teaches in Col. 7 that the firewall is an 
application. . . and does not teach processors, instruction memory, data memory or I/O ports. (P. 
16, lines 10-14)." Coley teaches that, in the preferred embodiment of the invention, ". . .The 
firewall 210 runs on a dedicated firewall box. That is, the computer upon which the firewall 210 
is running, is dedicated to the firewall application. The processes, programs and applications 
running on the firewall computing platform are those involved with firewall processes, or their 
support. . . The addition of other, unrelated, applications to the firewall box merely compromises 
the integrity of the firewall, (col. 7, lines 24-34)." The examiner considers all components of 
the firewall box, both hardware and software, to be the hardware firewall, and thus the 
components of the firewall box are applicable. As all hardware firewalls run some form of 
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software, and as the firewall box runs no other applications, the applicability is clear. Thus, the 
firewall is a stand-alone hardware component. 

6. The applicant alleges that Colley in view of Belissent do not teach or disclose "a 
component for computing a derivative of data flow rate over time to determine the rate of change 
of data flow (P. 19, lines 7-9)." Belissent teaches that the IP throttler tracks and manipulates data 
flow rates (col. 4, lines 10-25), specifically by determining the number of connections per client 
IP address per time interval (col. 4, lines 25-35), and performs throttling techniques if this 
derivative exceeds a certain threshold (col. 4, lines 35-50). Hence, Belissent teaches this 
limitation. 

7. In response to applicant's argument that there is no suggestion to combine the references, 
the examiner recognizes that obviousness can only be established by combining or modifying the 
teachings of the prior art to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 
USPQ2d 1596 (Fed. Cir. 1988) and/« re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 
1992). In this case, the firewall box of Coley is a publicly accessible component (Fig. 2, #210) 
meant to protect the internal network from various attacks (col. 2, line 49 - col. 6, line 50). 
Further, Belissent clearly teaches that its method is meant to supplement firewall security, even if 
the firewall were software based (Fig. 1, #106; Fig. 2, #206) and that the Belissent system may 
be easily added to the firewall (col. 5, lines 35-60), to be used even in cases where a connection 
request has been accepted (col 1, line 65 - col. 2, line 10). At the time the invention was made, 
one of ordinary skill in the art would have added Belissent' s IP throttler to Coley' s firewall and 
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packet filtering schemes to further protect against IP spoofing and source based routing (Co ley, 
col. 6, lines 40-50), and to protect the server from a well-known and potentially devastating 
attack (col. 2, lines 20-45). 

8. For the reasons above, the current rejection is maintained, and therefore made final. 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

10. Claims 1-36 are rejected under 35 U.S.C. 103(a) as being unpatentable over Coley et al. 
(5,826,014) in view of Belissent (6,789,203). 

11. For claims 1, 10, 19, Coley teaches an apparatus (abstract; col. 1, line 1 - col. 6, line 50) 
comprising: 

a. A network resource server (Fig. 2, #214-218) having at least one computer system 
(Fig. 2, #216) comprising a central processing unit and server memory (Fig. 1, #1 18); and 

b. A network processor (Fig. 2, #210; col. 7, lines 24-34) coupled to said network 
resource server (Fig. 2, #212) comprising: 

i. A plurality of interface processors (col. 3, line 58 - col. 4, line 10); 

ii. Instruction memory for storing instructions accessibly to said interface 
processors (col. 7, lines 20-40); 
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iii. Data memory for storing data passing through said network processor to 
and from said network resource server accessibly to said interface processors (col. 
7, line 40 - col. 8, line 16); and 

iv. A plurality of input/output ports (col. 3, line 58 - col. 4, line 10): 

(1) One of said input/output ports adapted for exchanging data passing 
through said network processor (Fig. 2, #206) with an external network 
(Fig. 2, #202) under the direction of said interface processors (col. 7, lines 
1-20); 

(2) At least one other of said input/output ports adapted for 
exchanging data passing through said network processor with said 
network resource server (col 7, lines 1-20); 

c. Said network processor and said network resource server cooperating in directing 
the exchange of data between said input/output ports and the flow of data through said 
data memory to and from said network resource server in response to execution by said 
interface processors of instructions loaded into said instruction memory (Figs. 3 & 4); 

d. Said network processor further comprising at least one monitor for monitoring the 
data flow addressed to said network resource server (col. 6, lines 5-20 and 48-50), and at 
least one modifier for modifying the instructions loaded into said instruction memory 
(col. 7, line 65). 

12. Coley does not expressly disclose that said network processor further comprising at least 
one rate monitor for monitoring the rate of data flow addressed to said network resource server, 
at least one of said interface processors comprising a component for computing a derivative of 
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data flow rate over time to determine the rate of change of data flow, and at least one modifier 
for modifying the instructions loaded into said instruction memory in response to the determined 
rate of change. Coley does teach that a variety of undisclosed monitors may be added as deemed 
fit or necessary for a particular scenario (col. 10, lines 28-35; col. 13, line 46 - col 14, line 13). 
Belissent teaches a method (abstract) of preventing Denial of Service (DoS) attacks by 
monitoring and changing the rate of data flow (col. 1, line 1 - col 3, line 40). Belissent teaches 
that the IP throttler tracks and manipulates data flow rates (col. 4, lines 10-25), specifically by 
determining the number of connections per client IP address per time interval (col. 4, lines 25- 
35), and performs throttling techniques if this derivative exceeds a certain threshold (col. 4, lines 
35-50). At the time the invention was made, one of ordinary skill in the art would have added 
Belissent' s IP throttler to Coley 5 s firewall and packet filtering schemes to further protect against 
IP spoofing and source based routing (Coley, col. 6, lines 40-50), and to protect the server from a 
well-known and potentially devastating attack (col. 2, lines 20-45). 
13. For claims 2, 1 1, 20, Coley does not expressly disclose that at least one interface 
processor further comprises means for comparing said determined rate of change to at least one 
predetermined boundary and wherein said modifier modifies the instruction when the rate of 
change has a prespecified relationship to said at least one predetermined boundary. Belissent 
teaches these limitations, as shown above and in other areas (col. 4, lines 10-50). At the time the 
invention was made, one would have noted Coley 5 s concern regarding DoS attacks (col. 4, lines 
10-25; col. 6, lines 15-20) and used the Belissent system to fulfill this requirement (col. 2, lines 
50-65). 
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14. For claims 3, 12, 21, Coley and Belissent do not expressly disclose that said network 
processor comprises a semiconductor substrate and further wherein said interface processors, 
said instruction memory, said data memory, and said input/output ports are formed on said 
semiconductor substrate. Examiner takes Official Notice (see MPEP § 2144.03) that 
"processors, memory, etc. are formed on semiconductor substrates" in a computer networking 
environment was well known in the art at the time the invention was made. One of ordinary skill 
in the art would be aware that most chips, memory, etc., are developed on silicon chips or similar 
semiconductor substrates, and in fact would likely be unaware of any alternatives. Therefore, 
one of ordinary skill in the art would have produced these items from semiconductor substrates. 

15. The Applicant is entitled to traverse any/all official notice taken in this action according 
to MPEP § 2144.03. However, MPEP § 2144.03 further states "See also In re Boon, 439 F.2d 
724, 169 USPQ 231 (CCPA 1971) (a challenge to the taking of judicial notice must contain 
adequate information or argument to create on its face a reasonable doubt regarding the 
circumstances justifying the judicial notice)." Specifically, In re Boon, 169 USPQ 231, 234 
states "as we held in Ahlert, an applicant must be given the opportunity to challenge either the 
correctness of the fact asserted or the notoriety or repute of the reference cited in support of the 
assertion. We did not mean to imply by this statement that a bald challenge, with nothing more, 
would be all that was needed". Further note that 37 CFR § 1.671(c)(3) states "Judicial notice 
means official notice". Thus, a traversal by the Applicant that is merely "a bald challenge, with 
nothing more" will be given very little weight. 

16. For claims 4, 13, 22, Coley teaches that said network processor is adapted to process 
communication protocols (col. 1, lines 25-35; col. 6, lines 20-33; col. 7, lines 35-65) and to 
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exchange application data to be processed by said computer system with said network resource 
server (col. 10, lines 35-55). 

17. For claims 5, 14, 23, Coley teaches that said network resource server has a plurality of 
computer systems serving diverse purposes (col. 2, lines 5-45) and said network processor 
directs application data to an appropriate one of said computer systems for exercising the data in 
accordance with the appropriate purpose therefore (col. 7, lines 40-45). 

18. For claims 6, 15, 24, Coley does not expressly disclose that said network resource server 
has a plurality of computer systems serving a common purpose and said network processor 
directs application data to varying ones of said computer systems for exercising the data in a 
predetermined flow among said computer systems. Belissent teaches that the servers can have a 
common purpose (col. 4, line 65 - col. 5, line 5) and utilizing predetermined flow rates (col. 5, 
line 40 - col. 6, line 40). At the time the invention was made, one of ordinary skill in the art 
would have used a Belissent network in order to handle any system for any distributed network 
(col. 4, lines 50-65). 

19. For claims 7, 16, 25, Coley and Belissent do not expressly disclose that the number of 
said interface processors exceeds four. Belissent does disclose that the number of processors 
may be any number (col. 7, lines 15-60). Examiner takes Official Notice (see MPEP § 2144,03) 
that "four or more processors" in a computer networking environment was well known in the art 
at the time the invention was made. Multi-processor computers are well known in the art, and* 
the applicant fails to disclose the need or functionality for multiple processors, and further fails 
to show unexpected benefit or higher difficulty. At the time the invention was made, one of 
ordinary skill in the art would have used four or more processors for aesthetic purposes. 
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20. The Applicant is entitled to traverse any/all official notice taken in this action according 
to MPEP § 2144.03. However, MPEP § 2144.03 further states "See also In re Boon, 439 F.2d 
724, 169 USPQ 231 (CCPA 1971) (a challenge to the taking of judicial notice must contain 
adequate information or argument to create on its face a reasonable doubt regarding the 
circumstances justifying the judicial notice)." Specifically, In re Boon, 169 USPQ 231, 234 
states "as we held in Ahlert, an applicant must be given the opportunity to challenge either the 
correctness of the fact asserted or the notoriety or repute of the reference cited in support of the 
assertion. We did not mean to imply by this statement that a bald challenge, with nothing more, 
would be all that was needed". Further note that 37 CFR § 1.671(c)(3) states "Judicial notice 
means official notice". Thus, a traversal by the Applicant that is merely "a bald challenge, with 
nothing more" will be given very little weight. 

21. For claims 8, 17, 26, Coley does not expressly disclose that said at least one rate monitor 
of said network processor monitors data flow inbound toward said network resource server and 
said at least one modifier increases the discard of inbound data upon the rate of change of 
inbound data exceeding a predetermined boundary. Belissent teaches these limitations (col. 5, 
line 40 - col. 6, line 40). At the time the invention was made, one of ordinary skill in the art 
would have combined the inventions to handle DoS attacks, as shown above. 

* 

22. For claims 9, 18, 27, Coley does not expressly disclose that said at least one modifier of 
said network processor decreases the discard rate of inbound data upon the rate of change of 
inbound data falling below a second predetermined boundary. Belissent teaches this limitation 
(col. 6, lines 30-40). At the time the invention was made, one of ordinary skill in the art would 
have combined the inventions to handle DoS attacks, as shown above. 
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23. Claim 28 is drawn to the limitations in claims 1, 2, and 8. Therefore, since claims 1, 2, 
and 8 are rejected, claim 28 is also rejected for the reasons above. 

24. Claims 29-32 are drawn to the limitations in claims 2, 8, and 9. Therefore, since claims 
2, 8, and 9 are rejected, claims 29-32 are also rejected for the reasons above. 

25. Claims 33-35 are drawn to the limitations in claims 30-32. Therefore, since claims 30-32 
are rejected, claims 33-35 are also rejected for the reasons above. 

26. Claim 36 is drawn to the limitations in claim 1. Therefore, since claim 1 is rejected, 
claim 36 is also rejected for the reasons above. 

Conclusion 

27. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Melvin H. Pollack whose telephone number is (571) 272-3887. 
The examiner can normally be reached on 8:00-4:30 M-F. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Martin- Wallace can be reached on (571) 272-6159. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

MHP 

10 June 2005 




VALENCIA MARTIN-WALLACE 
SUPERVISORY PATENT EXAMINER 



